CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-38002

The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92 and 7.3 GA through update 36 does not properly check user permissions before updating a workflow definition, which allows remote authenticated users to modify workflow definitions and execute arbitrary code (RCE) via the headless API.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.7%

CVSS Severity

CVSS v3 Score 9.0

References

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2024-38002

Products affected by CVE-2024-38002

Liferay » Digital Experience Platform » Version: 2023.q3.1

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.1
Liferay » Digital Experience Platform » Version: 2023.q3.2

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.2
Liferay » Digital Experience Platform » Version: 2023.q3.3

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.3
Liferay » Digital Experience Platform » Version: 2023.q3.4

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.4
Liferay » Digital Experience Platform » Version: 2023.q3.5

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.5
Liferay » Digital Experience Platform » Version: 2023.q3.6

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.6
Liferay » Digital Experience Platform » Version: 2023.q3.7

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.7
Liferay » Digital Experience Platform » Version: 2023.q3.8

cpe:2.3:a:liferay:digital_experience_platform:2023.q3.8
Liferay » Digital Experience Platform » Version: 2023.q4.0

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.0
Liferay » Digital Experience Platform » Version: 2023.q4.1

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.1
Liferay » Digital Experience Platform » Version: 2023.q4.2

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.2
Liferay » Digital Experience Platform » Version: 2023.q4.3

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.3
Liferay » Digital Experience Platform » Version: 2023.q4.4

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.4
Liferay » Digital Experience Platform » Version: 2023.q4.5

cpe:2.3:a:liferay:digital_experience_platform:2023.q4.5
Liferay » Digital Experience Platform » Version: 7.3

cpe:2.3:a:liferay:digital_experience_platform:7.3
Liferay » Digital Experience Platform » Version: 7.4

cpe:2.3:a:liferay:digital_experience_platform:7.4
Liferay » Liferay Portal » Version: 7.3.2

cpe:2.3:a:liferay:liferay_portal:7.3.2
Liferay » Liferay Portal » Version: 7.3.3

cpe:2.3:a:liferay:liferay_portal:7.3.3
Liferay » Liferay Portal » Version: 7.3.4

cpe:2.3:a:liferay:liferay_portal:7.3.4
Liferay » Liferay Portal » Version: 7.3.5

cpe:2.3:a:liferay:liferay_portal:7.3.5
Liferay » Liferay Portal » Version: 7.3.6

cpe:2.3:a:liferay:liferay_portal:7.3.6
Liferay » Liferay Portal » Version: 7.3.7

cpe:2.3:a:liferay:liferay_portal:7.3.7
Liferay » Liferay Portal » Version: 7.4.0

cpe:2.3:a:liferay:liferay_portal:7.4.0
Liferay » Liferay Portal » Version: 7.4.1

cpe:2.3:a:liferay:liferay_portal:7.4.1
Liferay » Liferay Portal » Version: 7.4.2

cpe:2.3:a:liferay:liferay_portal:7.4.2
Liferay » Liferay Portal » Version: 7.4.3.10

cpe:2.3:a:liferay:liferay_portal:7.4.3.10
Liferay » Liferay Portal » Version: 7.4.3.100

cpe:2.3:a:liferay:liferay_portal:7.4.3.100
Liferay » Liferay Portal » Version: 7.4.3.101

cpe:2.3:a:liferay:liferay_portal:7.4.3.101
Liferay » Liferay Portal » Version: 7.4.3.102

cpe:2.3:a:liferay:liferay_portal:7.4.3.102
Liferay » Liferay Portal » Version: 7.4.3.103

cpe:2.3:a:liferay:liferay_portal:7.4.3.103
Liferay » Liferay Portal » Version: 7.4.3.104

cpe:2.3:a:liferay:liferay_portal:7.4.3.104
Liferay » Liferay Portal » Version: 7.4.3.105

cpe:2.3:a:liferay:liferay_portal:7.4.3.105
Liferay » Liferay Portal » Version: 7.4.3.106

cpe:2.3:a:liferay:liferay_portal:7.4.3.106
Liferay » Liferay Portal » Version: 7.4.3.107

cpe:2.3:a:liferay:liferay_portal:7.4.3.107
Liferay » Liferay Portal » Version: 7.4.3.108

cpe:2.3:a:liferay:liferay_portal:7.4.3.108
Liferay » Liferay Portal » Version: 7.4.3.109

cpe:2.3:a:liferay:liferay_portal:7.4.3.109
Liferay » Liferay Portal » Version: 7.4.3.11

cpe:2.3:a:liferay:liferay_portal:7.4.3.11
Liferay » Liferay Portal » Version: 7.4.3.110

cpe:2.3:a:liferay:liferay_portal:7.4.3.110
Liferay » Liferay Portal » Version: 7.4.3.111

cpe:2.3:a:liferay:liferay_portal:7.4.3.111
Liferay » Liferay Portal » Version: 7.4.3.12

cpe:2.3:a:liferay:liferay_portal:7.4.3.12
Liferay » Liferay Portal » Version: 7.4.3.13

cpe:2.3:a:liferay:liferay_portal:7.4.3.13
Liferay » Liferay Portal » Version: 7.4.3.14

cpe:2.3:a:liferay:liferay_portal:7.4.3.14
Liferay » Liferay Portal » Version: 7.4.3.15

cpe:2.3:a:liferay:liferay_portal:7.4.3.15
Liferay » Liferay Portal » Version: 7.4.3.16

cpe:2.3:a:liferay:liferay_portal:7.4.3.16
Liferay » Liferay Portal » Version: 7.4.3.17

cpe:2.3:a:liferay:liferay_portal:7.4.3.17
Liferay » Liferay Portal » Version: 7.4.3.18

cpe:2.3:a:liferay:liferay_portal:7.4.3.18
Liferay » Liferay Portal » Version: 7.4.3.19

cpe:2.3:a:liferay:liferay_portal:7.4.3.19
Liferay » Liferay Portal » Version: 7.4.3.20

cpe:2.3:a:liferay:liferay_portal:7.4.3.20
Liferay » Liferay Portal » Version: 7.4.3.21

cpe:2.3:a:liferay:liferay_portal:7.4.3.21
Liferay » Liferay Portal » Version: 7.4.3.22

cpe:2.3:a:liferay:liferay_portal:7.4.3.22
Liferay » Liferay Portal » Version: 7.4.3.23

cpe:2.3:a:liferay:liferay_portal:7.4.3.23
Liferay » Liferay Portal » Version: 7.4.3.24

cpe:2.3:a:liferay:liferay_portal:7.4.3.24
Liferay » Liferay Portal » Version: 7.4.3.25

cpe:2.3:a:liferay:liferay_portal:7.4.3.25
Liferay » Liferay Portal » Version: 7.4.3.26

cpe:2.3:a:liferay:liferay_portal:7.4.3.26
Liferay » Liferay Portal » Version: 7.4.3.27

cpe:2.3:a:liferay:liferay_portal:7.4.3.27
Liferay » Liferay Portal » Version: 7.4.3.28

cpe:2.3:a:liferay:liferay_portal:7.4.3.28
Liferay » Liferay Portal » Version: 7.4.3.29

cpe:2.3:a:liferay:liferay_portal:7.4.3.29
Liferay » Liferay Portal » Version: 7.4.3.30

cpe:2.3:a:liferay:liferay_portal:7.4.3.30
Liferay » Liferay Portal » Version: 7.4.3.31

cpe:2.3:a:liferay:liferay_portal:7.4.3.31
Liferay » Liferay Portal » Version: 7.4.3.32

cpe:2.3:a:liferay:liferay_portal:7.4.3.32
Liferay » Liferay Portal » Version: 7.4.3.33

cpe:2.3:a:liferay:liferay_portal:7.4.3.33
Liferay » Liferay Portal » Version: 7.4.3.34

cpe:2.3:a:liferay:liferay_portal:7.4.3.34
Liferay » Liferay Portal » Version: 7.4.3.35

cpe:2.3:a:liferay:liferay_portal:7.4.3.35
Liferay » Liferay Portal » Version: 7.4.3.36

cpe:2.3:a:liferay:liferay_portal:7.4.3.36
Liferay » Liferay Portal » Version: 7.4.3.37

cpe:2.3:a:liferay:liferay_portal:7.4.3.37
Liferay » Liferay Portal » Version: 7.4.3.38

cpe:2.3:a:liferay:liferay_portal:7.4.3.38
Liferay » Liferay Portal » Version: 7.4.3.39

cpe:2.3:a:liferay:liferay_portal:7.4.3.39
Liferay » Liferay Portal » Version: 7.4.3.4

cpe:2.3:a:liferay:liferay_portal:7.4.3.4
Liferay » Liferay Portal » Version: 7.4.3.40

cpe:2.3:a:liferay:liferay_portal:7.4.3.40
Liferay » Liferay Portal » Version: 7.4.3.41

cpe:2.3:a:liferay:liferay_portal:7.4.3.41
Liferay » Liferay Portal » Version: 7.4.3.42

cpe:2.3:a:liferay:liferay_portal:7.4.3.42
Liferay » Liferay Portal » Version: 7.4.3.43

cpe:2.3:a:liferay:liferay_portal:7.4.3.43
Liferay » Liferay Portal » Version: 7.4.3.44

cpe:2.3:a:liferay:liferay_portal:7.4.3.44
Liferay » Liferay Portal » Version: 7.4.3.45

cpe:2.3:a:liferay:liferay_portal:7.4.3.45
Liferay » Liferay Portal » Version: 7.4.3.46

cpe:2.3:a:liferay:liferay_portal:7.4.3.46
Liferay » Liferay Portal » Version: 7.4.3.47

cpe:2.3:a:liferay:liferay_portal:7.4.3.47
Liferay » Liferay Portal » Version: 7.4.3.48

cpe:2.3:a:liferay:liferay_portal:7.4.3.48
Liferay » Liferay Portal » Version: 7.4.3.49

cpe:2.3:a:liferay:liferay_portal:7.4.3.49
Liferay » Liferay Portal » Version: 7.4.3.5

cpe:2.3:a:liferay:liferay_portal:7.4.3.5
Liferay » Liferay Portal » Version: 7.4.3.50

cpe:2.3:a:liferay:liferay_portal:7.4.3.50
Liferay » Liferay Portal » Version: 7.4.3.51

cpe:2.3:a:liferay:liferay_portal:7.4.3.51
Liferay » Liferay Portal » Version: 7.4.3.52

cpe:2.3:a:liferay:liferay_portal:7.4.3.52
Liferay » Liferay Portal » Version: 7.4.3.53

cpe:2.3:a:liferay:liferay_portal:7.4.3.53
Liferay » Liferay Portal » Version: 7.4.3.54

cpe:2.3:a:liferay:liferay_portal:7.4.3.54
Liferay » Liferay Portal » Version: 7.4.3.55

cpe:2.3:a:liferay:liferay_portal:7.4.3.55
Liferay » Liferay Portal » Version: 7.4.3.56

cpe:2.3:a:liferay:liferay_portal:7.4.3.56
Liferay » Liferay Portal » Version: 7.4.3.57

cpe:2.3:a:liferay:liferay_portal:7.4.3.57
Liferay » Liferay Portal » Version: 7.4.3.58

cpe:2.3:a:liferay:liferay_portal:7.4.3.58
Liferay » Liferay Portal » Version: 7.4.3.59

cpe:2.3:a:liferay:liferay_portal:7.4.3.59
Liferay » Liferay Portal » Version: 7.4.3.6

cpe:2.3:a:liferay:liferay_portal:7.4.3.6
Liferay » Liferay Portal » Version: 7.4.3.60

cpe:2.3:a:liferay:liferay_portal:7.4.3.60
Liferay » Liferay Portal » Version: 7.4.3.61

cpe:2.3:a:liferay:liferay_portal:7.4.3.61
Liferay » Liferay Portal » Version: 7.4.3.62

cpe:2.3:a:liferay:liferay_portal:7.4.3.62
Liferay » Liferay Portal » Version: 7.4.3.63

cpe:2.3:a:liferay:liferay_portal:7.4.3.63
Liferay » Liferay Portal » Version: 7.4.3.64

cpe:2.3:a:liferay:liferay_portal:7.4.3.64
Liferay » Liferay Portal » Version: 7.4.3.65

cpe:2.3:a:liferay:liferay_portal:7.4.3.65
Liferay » Liferay Portal » Version: 7.4.3.66

cpe:2.3:a:liferay:liferay_portal:7.4.3.66
Liferay » Liferay Portal » Version: 7.4.3.67

cpe:2.3:a:liferay:liferay_portal:7.4.3.67
Liferay » Liferay Portal » Version: 7.4.3.68

cpe:2.3:a:liferay:liferay_portal:7.4.3.68
Liferay » Liferay Portal » Version: 7.4.3.69

cpe:2.3:a:liferay:liferay_portal:7.4.3.69
Liferay » Liferay Portal » Version: 7.4.3.7

cpe:2.3:a:liferay:liferay_portal:7.4.3.7
Liferay » Liferay Portal » Version: 7.4.3.70

cpe:2.3:a:liferay:liferay_portal:7.4.3.70
Liferay » Liferay Portal » Version: 7.4.3.71

cpe:2.3:a:liferay:liferay_portal:7.4.3.71
Liferay » Liferay Portal » Version: 7.4.3.72

cpe:2.3:a:liferay:liferay_portal:7.4.3.72
Liferay » Liferay Portal » Version: 7.4.3.73

cpe:2.3:a:liferay:liferay_portal:7.4.3.73
Liferay » Liferay Portal » Version: 7.4.3.74

cpe:2.3:a:liferay:liferay_portal:7.4.3.74
Liferay » Liferay Portal » Version: 7.4.3.75

cpe:2.3:a:liferay:liferay_portal:7.4.3.75
Liferay » Liferay Portal » Version: 7.4.3.76

cpe:2.3:a:liferay:liferay_portal:7.4.3.76
Liferay » Liferay Portal » Version: 7.4.3.77

cpe:2.3:a:liferay:liferay_portal:7.4.3.77
Liferay » Liferay Portal » Version: 7.4.3.78

cpe:2.3:a:liferay:liferay_portal:7.4.3.78
Liferay » Liferay Portal » Version: 7.4.3.79

cpe:2.3:a:liferay:liferay_portal:7.4.3.79
Liferay » Liferay Portal » Version: 7.4.3.8

cpe:2.3:a:liferay:liferay_portal:7.4.3.8
Liferay » Liferay Portal » Version: 7.4.3.80

cpe:2.3:a:liferay:liferay_portal:7.4.3.80
Liferay » Liferay Portal » Version: 7.4.3.81

cpe:2.3:a:liferay:liferay_portal:7.4.3.81
Liferay » Liferay Portal » Version: 7.4.3.82

cpe:2.3:a:liferay:liferay_portal:7.4.3.82
Liferay » Liferay Portal » Version: 7.4.3.83

cpe:2.3:a:liferay:liferay_portal:7.4.3.83
Liferay » Liferay Portal » Version: 7.4.3.84

cpe:2.3:a:liferay:liferay_portal:7.4.3.84
Liferay » Liferay Portal » Version: 7.4.3.85

cpe:2.3:a:liferay:liferay_portal:7.4.3.85
Liferay » Liferay Portal » Version: 7.4.3.86

cpe:2.3:a:liferay:liferay_portal:7.4.3.86
Liferay » Liferay Portal » Version: 7.4.3.87

cpe:2.3:a:liferay:liferay_portal:7.4.3.87
Liferay » Liferay Portal » Version: 7.4.3.88

cpe:2.3:a:liferay:liferay_portal:7.4.3.88
Liferay » Liferay Portal » Version: 7.4.3.89

cpe:2.3:a:liferay:liferay_portal:7.4.3.89
Liferay » Liferay Portal » Version: 7.4.3.9

cpe:2.3:a:liferay:liferay_portal:7.4.3.9
Liferay » Liferay Portal » Version: 7.4.3.90

cpe:2.3:a:liferay:liferay_portal:7.4.3.90
Liferay » Liferay Portal » Version: 7.4.3.91

cpe:2.3:a:liferay:liferay_portal:7.4.3.91
Liferay » Liferay Portal » Version: 7.4.3.92

cpe:2.3:a:liferay:liferay_portal:7.4.3.92
Liferay » Liferay Portal » Version: 7.4.3.94

cpe:2.3:a:liferay:liferay_portal:7.4.3.94
Liferay » Liferay Portal » Version: 7.4.3.95

cpe:2.3:a:liferay:liferay_portal:7.4.3.95
Liferay » Liferay Portal » Version: 7.4.3.96

cpe:2.3:a:liferay:liferay_portal:7.4.3.96
Liferay » Liferay Portal » Version: 7.4.3.97

cpe:2.3:a:liferay:liferay_portal:7.4.3.97
Liferay » Liferay Portal » Version: 7.4.3.98

cpe:2.3:a:liferay:liferay_portal:7.4.3.98
Liferay » Liferay Portal » Version: 7.4.3.99

cpe:2.3:a:liferay:liferay_portal:7.4.3.99

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-38002

Products

Pricing

Contact Us